Export limit exceeded: 81271 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (81271 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-43554 | 1 Fatek | 1 Winproladder | 2024-11-21 | 7.8 High |
| FATEK WinProladder Versions 3.30_24518 and prior are vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2021-43539 | 3 Debian, Mozilla, Redhat | 7 Debian Linux, Firefox, Firefox Esr and 4 more | 2024-11-21 | 8.8 High |
| Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95. | ||||
| CVE-2021-43537 | 3 Debian, Mozilla, Redhat | 7 Debian Linux, Firefox, Firefox Esr and 4 more | 2024-11-21 | 8.8 High |
| An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95. | ||||
| CVE-2021-43535 | 3 Debian, Mozilla, Redhat | 6 Debian Linux, Firefox, Firefox Esr and 3 more | 2024-11-21 | 8.8 High |
| A use-after-free could have occured when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 93, Thunderbird < 91.3, and Firefox ESR < 91.3. | ||||
| CVE-2021-43534 | 3 Debian, Mozilla, Redhat | 6 Debian Linux, Firefox, Firefox Esr and 3 more | 2024-11-21 | 8.8 High |
| Mozilla developers and community members reported memory safety bugs present in Firefox 93 and Firefox ESR 91.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3. | ||||
| CVE-2021-43521 | 1 Zlog Project | 1 Zlog | 2024-11-21 | 7.5 High |
| A Buffer Overflow vulnerability exists in zlog 1.2.15 via zlog_conf_build_with_file in src/zlog/src/conf.c. | ||||
| CVE-2021-43518 | 2 Fedoraproject, Teeworlds | 2 Fedora, Teeworlds | 2024-11-21 | 7.8 High |
| Teeworlds up to and including 0.7.5 is vulnerable to Buffer Overflow. A map parser does not validate m_Channels value coming from a map file, leading to a buffer overflow. A malicious server may offer a specially crafted map that will overwrite client's stack causing denial of service or code execution. | ||||
| CVE-2021-43515 | 1 Kimai | 1 Kimai | 2024-11-21 | 7.8 High |
| CSV Injection (aka Excel Macro Injection or Formula Injection) exists in creating new timesheet in Kimai. By filling the Description field with malicious payload, it will be mistreated while exporting to a CSV file. | ||||
| CVE-2021-43498 | 1 Atutor | 1 Atutor | 2024-11-21 | 7.5 High |
| An Access Control vulnerability exists in ATutor 2.2.4 in password_reminder.php when the g, id, h, form_password_hidden, and form_change HTTP POST parameters are set. | ||||
| CVE-2021-43496 | 1 Clustering Project | 1 Clustering | 2024-11-21 | 7.5 High |
| Clustering master branch as of commit 53e663e259bcfc8cdecb56c0bb255bd70bfcaa70 is affected by a directory traversal vulnerability. This attack can cause the disclosure of critical secrets stored anywhere on the system and can significantly aid in getting remote code access. | ||||
| CVE-2021-43495 | 1 Alquistai | 1 Alquist | 2024-11-21 | 7.5 High |
| AlquistManager branch as of commit 280d99f43b11378212652e75f6f3159cde9c1d36 is affected by a directory traversal vulnerability in alquist/IO/input.py. This attack can cause the disclosure of critical secrets stored anywhere on the system and can significantly aid in getting remote code access. | ||||
| CVE-2021-43494 | 1 Codingforentrepreneurs | 1 Opencv Rest Api | 2024-11-21 | 7.5 High |
| OpenCV-REST-API master branch as of commit 69be158c05d4dd5a4aff38fdc680a162dd6b9e49 is affected by a directory traversal vulnerability. This attack can cause the disclosure of critical secrets stored anywhere on the system and can significantly aid in getting remote code access. | ||||
| CVE-2021-43493 | 1 Servermanagement Project | 1 Servermanagement | 2024-11-21 | 7.5 High |
| ServerManagement master branch as of commit 49491cc6f94980e6be7791d17be947c27071eb56 is affected by a directory traversal vulnerability. This vulnerability can be used to extract credentials which can in turn be used to execute code. | ||||
| CVE-2021-43492 | 1 Alquistai | 1 Alquist | 2024-11-21 | 7.5 High |
| AlquistManager branch as of commit 280d99f43b11378212652e75f6f3159cde9c1d36 is affected by a directory traversal vulnerability. This attack can cause the disclosure of critical secrets stored anywhere on the system andcan significantly aid in getting remote code access. | ||||
| CVE-2021-43483 | 1 Claro | 2 Kaon Cg3000, Kaon Cg3000 Firmware | 2024-11-21 | 8.0 High |
| An Access Control vulnerability exists in CLARO KAON CG3000 1.00.67 in the router configuration, which could allow a malicious user to read or update the configuraiton without authentication. | ||||
| CVE-2021-43471 | 1 Canon | 2 Lbp223dw, Lbp223dw Firmware | 2024-11-21 | 7.5 High |
| In Canon LBP223 printers, the System Manager Mode login does not require an account password or PIN. An attacker can remotely shut down the device after entering the background, creating a denial of service vulnerability. | ||||
| CVE-2021-43469 | 1 Vinga | 2 Wr-n300u, Wr-n300u Firmware | 2024-11-21 | 8.8 High |
| VINGA WR-N300U 77.102.1.4853 is affected by a command execution vulnerability in the goahead component. | ||||
| CVE-2021-43464 | 1 Intelliants | 1 Subrion Cms | 2024-11-21 | 8.8 High |
| A Remiote Code Execution (RCE) vulnerability exiss in Subrion CMS 4.2.1 via modified code in a background field; when the information is modified, the data in it will be executed through eval(). | ||||
| CVE-2021-43463 | 1 Ext2 File System Driver Project | 1 Ext2 File System Driver | 2024-11-21 | 7.8 High |
| An Unquoted Service Path vulnerability exists in Ext2Fsd v0.68 via a specially crafted file in the Ext2Srv Service executable service path. | ||||
| CVE-2021-43460 | 1 Systemexplorer | 1 System Explorer | 2024-11-21 | 7.8 High |
| An Unquoted Service Path vulnerability exists in System Explorer 7.0.0 via via a specially crafted file in the SystemExplorerHelpService service executable path. | ||||